<?php
	$uri = $_SERVER['REQUEST_URI'];
	$uri_var = explode('/', $uri);
	
	$count = count($uri_var);
	$dot = "";
	
	for($i=0; $i<$count-2; $i++)
	{
		$dot = $dot."../";
	}
?>
<?php include($dot.'mvz-config/system/begin.php'); ?>
<?php include($dot.'mvz-config/system/session_start.php'); ?>
<?php include($dot.'mvz-config/system/session.php'); ?>
<?php
	/* Start Process */
	
	$http_referer = $_SERVER['HTTP_REFERER'];
	$referer = explode("?",$http_referer);
	$url_referer = $referer[0];
	
	// Get User Info
	if(!isset($_POST['process_module_id']))	{$modid = "";}	else{$modid = sql_quote(trim($_POST['process_module_id']));}
	if(!isset($_POST['process_module_name']))	{$modname = "";}	else{$modname = sql_quote(trim($_POST['process_module_name']));}
	if(!isset($_POST['process_module_sub_id']))	{$modsubid = "";}	else{$modsubid = sql_quote(trim($_POST['process_module_sub_id']));}
	if(!isset($_POST['process_module_category']))	{$modcategory = "";}else{$modcategory = sql_quote(trim($_POST['process_module_category']));}
	if(!isset($_POST['process_type']))		{$type = "";}	else{$type = sql_quote(trim($_POST['process_type']));}
	if(!isset($_POST['process_userin']))	{$user = "";}	else{$user = sql_quote(trim($_POST['process_userin']));}
	if(!isset($_POST['process_usergroup']))	{$usrgrp = "";}	else{$usrgrp = sql_quote(trim($_POST['process_usergroup']));}
	if(!isset($_POST['process_datein']))	{$date = "";}	else{$date = sql_quote(trim($_POST['process_datein']));}
	
	
	
	
	$isValid = check_user_module_process_privilege($user, $usrgrp, $modcategory, $modid, $modsubid, $type);
	
	/*
	echo "modid : ".$modid." -<br />";
	echo "modname : ".$modname." -<br />";
	echo "modsubid : ".$modsubid." -<br />";
	echo "modtype : ".$modcategory." -<br />";
	echo "type : ".$type." -<br />";
	echo "user : ".$user." -<br />";
	echo "usrgrp : ".$usrgrp." -<br />";
	echo "date : ".$date." -<br />";
	echo "isValid : ".$isValid." -<br />";
	die();
	*/
	
	if($isValid)
	{
		/*
		echo "<pre>";
		print_r($_SESSION);
		echo "</pre>";
		*/
		
		if(!isset($_POST['txt_submodules_parent']))	{$parent = "";}	else{$parent 	= sql_quote(trim($_POST['txt_submodules_parent']));}
		if(!isset($_POST['txt_submodules_name']))	{$name = "";}	else{$name 	= sql_quote(trim($_POST['txt_submodules_name']));}
		if(!isset($_POST['txt_submodules_PK_id']))	{$PK_id = "";}	else{$PK_id = sql_quote(trim($_POST['txt_submodules_PK_id']));}
		if(!isset($_POST['txt_submodules_label']))	{$label = "";}	else{$label = sql_quote(trim($_POST['txt_submodules_label']));}
		if(!isset($_POST['txt_submodules_front']))	{$front = "";}	else{$front = sql_quote(trim($_POST['txt_submodules_front']));}
		if(!isset($_POST['txt_submodules_back']))	{$back = "";}	else{$back 	= sql_quote(trim($_POST['txt_submodules_back']));}
		if(!isset($_POST['txt_submodules_position']))	{$position = "";}	else{$position 	= sql_quote(trim($_POST['txt_submodules_position']));}
		if(!isset($_POST['rdo_submodules_activate']))	{$activate = "";}	else{$activate 	= sql_quote(trim($_POST['rdo_submodules_activate']));}

		if(($type == "ADD" || $type == "EDIT") && $parent <= 0)
		{
			setSessionMsg("Please select Parent !");
			header("Location: ".$url_referer);
		}
		else
		{
			/*
			echo "PKid : ".$PK_id." -<br />";
			echo "parent : ".$parent." -<br />";
			echo "name : ".$name." -<br />";
			echo "label : ".$label." -<br />";
			echo "front : ".$front." -<br />";
			echo "back : ".$back." -<br />";
			echo "position : ".$position." -<br />";
			echo "activate : ".$activate." -<br />";
			
			die();
			*/
			
			if($type == "ADD")
			{
				$sql = "insert into ms_module_sub (moduleid, modulesubname, modulesublabel, modulesuburltype, modulesuburlfront, modulesuburlback, modulesubposition, modulesubstatus, userin, datein, stsrc) 
						values ('".$parent."', '".$name."', '".$label."', 'module', '".$front."', '".$back."', ".$position.", ".$activate.", ".$user.", '".$date."', 'A')
					";
				
				$string_log = "Add data Sub Module ".$name." ";
				$string_msg = "Data ".$name." succesfully added";
			}
			else if($type == "EDIT")
			{
				$sql = " update ms_module_sub ";
				$sql .= " set 	moduleid = '".$parent."',
								modulesubname = '".$name."',
								modulesublabel = '".$label."',
								modulesuburltype = 'module',
								modulesuburlfront = '".$front."',
								modulesuburlback = '".$back."',
								modulesubposition = '".$position."',
								modulesubstatus = '".$activate."',
								userup = ".$user.",
								dateup = '".$date."'
								
						";
				$sql .= " where modulesubid = ".$PK_id." and stsrc = 'A'
						";
				//echo $sql;die();
				$string_log = "Edit data Sub Module ".$PK_id." - ".$name." ";
				$string_msg = "Data ".$name." succesfully changed";
			}
			else if($type == "DELETE")
			{
				$sql = " update ms_module_sub ";
				$sql .= " set 	stsrc = 'D',
								userup = ".$user.",
								dateup = '".$date."'
						";
				$sql .= " where modulesubid = ".$PK_id." and stsrc = 'A'
						";
				
				$string_log = "Delete data Sub Module ".$PK_id." - ".$name." ";
				$string_msg = "Data ".$name." succesfully deleted";
			}
			
			
			$exe = mysql_query($sql) or die(mysql_error());
			
			addLogByUsername($string_log);
			setSessionMsg($string_msg);
			header("Location: ".$url_referer);
		}
	}
	else
	{
		addLogByUsername("Access Denied : Management Sub Modules");
		setSessionMsg("Access denied");
		header("Location: ".$url_referer);
	}
	
	
	/* End Process */
?>
<?php include($dot.'mvz-config/system/end.php'); ?>